Re: Basic question about sockets and security
- From: Steve Holden <steve@xxxxxxxxxxxxx>
- Date: Mon, 07 May 2007 07:28:00 -0400
Dave Dean wrote:
Hi all,
I'm just starting out in sockets/network programming, and I have a very basic question...what are the 'security' implications of opening up a socket? For example, suppose I've written a simple chat server and chat client. The server opens a socket, listens on a port, and accepts incoming connections. The clients open a socket and connect to the server. If the server receives a message from a client, it sends that message out to every client. When a client receives a message, it places it in a text widget.
So...are there inherent dangers in doing this? I have no real security concern in the actual application, but can an open socket somehow allow someone access to the rest of the computer? Is the 'security' of the socket handled at the OS level (or within the socket module)?
I realize this isn't necessarily a Python question, but I wrote my application in Python and I'm not sure where to start. I'll repost this elsewhere if someone points me towards a more relevant group.
It's something that all Python network newbies would like to know about (and OUGHT to know about), so it's a valid question.
Essentially all opening a server socket does is to allow anyone who can connect to send data to your process. The difficulties usually begin when your process doesn't handle it in a secure way.
Typically in a language like C this will involve failing to check its length, thereby allowing a malicious user to send an over-length input and (since local variables in CC are held on the stack) overwriting crucial data like function return addresses.
Such exploits can be used to inject code into your process and have it run. Since server processes often run at a high level of privilege, so does the exploit code.
Another way you can introduce vulnerabilities into your code is to craft inputs that, when incorporated into system calls, maliciously change the intent of your code. So suppose you had a command to allow a user to ping another computer, you might do (something like)
os.system("ping "+address)
where the address is what the user types in. However, if the user types in something like
192.168.12.13 ; rm /etc/passwd
then your call becomes
os.system("ping 192.168.12.13; rm /etc/passwd")
and executes two shell statements, the second of which is rather destructive.
So, as long as you aren't passing any user data to the operating system in any way shape or form you are probably in reasonably good shape. But this is easier to do than you might imagine, and you always need to ask yourself what the downside potential of malicious inputs might be.
Python's libraries are well written by and large, and the language itself checks the bounds of all data structure accesses, making buffer overflow exploits of the type I described much less of a risk, but the OS vulnerabilities still remain for you to avoid by careful coding.
regards
Steve
--
Steve Holden +1 571 484 6266 +1 800 494 3119
Holden Web LLC/Ltd http://www.holdenweb.com
Skype: holdenweb http://del.icio.us/steve.holden
------------------ Asciimercial ---------------------
Get on the web: Blog, lens and tag your way to fame!!
holdenweb.blogspot.com squidoo.com/pythonology
tagged items: del.icio.us/steve.holden/python
All these services currently offer free registration!
-------------- Thank You for Reading ----------------
.
- References:
- Basic question about sockets and security
- From: Dave Dean
- Basic question about sockets and security
- Prev by Date: Re: msbin to ieee
- Next by Date: Re: Basic question about sockets and security
- Previous by thread: Basic question about sockets and security
- Next by thread: Re: Basic question about sockets and security
- Index(es):
Relevant Pages
|
